On Wed, 2004-03-31 at 16:54 +0200, Nico Erfurth wrote:
> Silmar A. Marca wrote:
>
> > Have a .conf with example of "DomainKeys" in exim?
>
> Is there any public document about the implementation?
Not that I'm aware of.
> A quick search on google brought nothing up. But I'm very sceptical
> about all the sender verification stuff. Especially the problems they
> bring up.
DomainKeys isn't as broken as CID and SPF are. Those attempt to 'verify'
the SMTP reverse-path by making flawed assumptions.
DomainKeys AIUI tries to verify the header From: with a cryptographic
approach. I don't know details of _how_ they plan to do this without
requiring MIME and while remaining fairly resilient to stuff like this
list is going to add to the end of my message, but it might look
something like my ramblings at
http://lists.infradead.org/pipermail/sender-auth/2004-February/000015.html
--
dwmw2
